International Criminal Court Are Investigating an Unprecedented Cyberattack

This post is also available in: עברית (Hebrew)

The International Criminal Court (ICC) has reportedly fallen victim to a sophisticated cyberattack suspected to be an espionage operation. The court has taken mitigating steps based on the forensic analysis of the incident supported by external cybersecurity experts, and a criminal probe was also opened by the Dutch law enforcement authorities.

The ICC said in a statement: “The evidence available thus far indicates a targeted and sophisticated attack with the objective of espionage. The attack can therefore be interpreted as a serious attempt to undermine the Court’s mandate,” and added that it was not “presently possible” to confirm who is responsible for the attack.

“The Court has also identified that disinformation campaigns targeting the ICC and its officials may be anticipated to be launched in an effort to tarnish the ICC image and delegitimize its activities,” the ICC said.

While it is not clear how the ICC’s systems were initially breached, it was most likely done using a phishing attack or by exploiting an unpatched vulnerability, according to William Wright of cybersecurity firm “Closed Door Security”. Wright said- “Given the information held by the ICC, this was never just a chance attack. It was more likely planned by a nation-state actor that knew exactly what they wanted and how to get it.”

He further notes that the threat actors managed to enter and leave the system without leaving a trace. “This means we may not understand the full extent of this attack until the criminals make it public or use it against the ICC,” he said.

The ICC said it was bolstering its cyber defenses and taking steps to protect victims and witnesses potentially exposed by the attack against possible repercussions.